JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 124.43.5.103

124.43.5.103 was found in our database!

This IP was reported 169 times. Confidence of Abuse is 100%: ?

100%

ISP	Internet Service Provider in Sri Lanka.
Usage Type	Fixed Line ISP
ASN	AS9329
Domain Name	sltnet.lk
Country	🇱🇰 Sri Lanka
City	Colombo, Western Province

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 124.43.5.103

Whois 124.43.5.103

IP Abuse Reports for 124.43.5.103:

This IP address has been reported a total of 169 times from 78 distinct sources. 124.43.5.103 was first reported on March 9th 2026, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Jason Howell	2026-05-14 06:45:09 (3 weeks ago)	124.43.5.103 - - [14/May/2026:01:44:22 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2955 "-" "Jetpack by W ... show more 124.43.5.103 - - [14/May/2026:01:44:22 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2955 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)" 124.43.5.103 - - [14/May/2026:01:44:32 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2954 "-" "Jetpack by WordPress.com" 124.43.5.103 - - [14/May/2026:01:44:43 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2954 "-" "Jetpack/12.5; WordPress/6.2; http://site45812687.com" 124.43.5.103 - - [14/May/2026:01:44:53 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2956 "-" "Jetpack by WordPress.com" 124.43.5.103 - - [14/May/2026:01:45:03 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2955 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)" ... show less	Web App Attack
🇺🇸 integrantservices.com	2026-05-14 04:51:26 (3 weeks ago)	(wordpress) Failed wordpress login from 124.43.5.103 (LK/Sri Lanka/-)	Brute-Force
Anonymous	2026-05-14 04:44:21 (3 weeks ago)		Bad Web Bot Web App Attack
🇩🇪 rh24	2026-05-13 06:34:17 (3 weeks ago)	(wordpress) Failed wordpress login from 124.43.5.103 (LK/Sri Lanka/-): (CF_ENABLE)	Brute-Force
🇦🇺 screwlooseit.com.au	2026-05-13 03:32:03 (3 weeks ago)	Blocked by CSF 13 firewall - Rule: XMLRPC LK/Sri Lanka/-	Web App Attack
🇩🇪 dbmwebdesign	2026-05-12 19:21:29 (3 weeks ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇳🇱 debestelapp	2026-05-12 08:45:06 (3 weeks ago)		Web App Attack
🇨🇦 Paulo Henrique dos Santos Nichio	2026-05-12 07:32:25 (3 weeks ago)	(ls_brute) LiteSpeed Brute Force Attack 124.43.5.103 (LK/Sri Lanka/-): 3 in the last 600 secs; Ports ... show more (ls_brute) LiteSpeed Brute Force Attack 124.43.5.103 (LK/Sri Lanka/-): 3 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2026-05-12 04:31:59.536063 [WARN] [1474829] [T0] [124.43.5.103:55053-27#APVH_www.padariacompao.com.br:443] Brute force detected for IP [124.43.5.103], throttle. 2026-05-12 04:32:10.526566 [WARN] [1474829] [T0] [124.43.5.103:55053-28#APVH_www.padariacompao.com.br:443] Brute force detected for IP [124.43.5.103], throttle. 2026-05-12 04:32:20.539248 [WARN] [1474829] [T0] [124.43.5.103:55053-29#APVH_www.padariacompao.com.br:443] Brute force detected for IP [124.43.5.103], throttle. show less	Port Scan
🇳🇱 Site.eu	2026-05-11 23:03:20 (3 weeks ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
Anonymous	2026-05-11 11:52:32 (3 weeks ago)	Web App Attack, Hacking	Hacking Web App Attack
🇨🇦 Paulo Henrique dos Santos Nichio	2026-05-11 03:42:26 (3 weeks ago)	(ls_brute) LiteSpeed Brute Force Attack 124.43.5.103 (LK/Sri Lanka/-): 3 in the last 600 secs; Ports ... show more (ls_brute) LiteSpeed Brute Force Attack 124.43.5.103 (LK/Sri Lanka/-): 3 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2026-05-11 00:41:58.603870 [WARN] [161805] [T0] [172.71.124.73:11312:HTTP2-49>124.43.5.103#APVH_www.atc.esp.br:443] Brute force detected for IP [124.43.5.103], throttle. 2026-05-11 00:42:08.615590 [WARN] [161805] [T0] [172.71.124.73:11312:HTTP2-51>124.43.5.103#APVH_www.atc.esp.br:443] Brute force detected for IP [124.43.5.103], throttle. 2026-05-11 00:42:18.630248 [WARN] [161805] [T0] [172.71.124.73:11312:HTTP2-53>124.43.5.103#APVH_www.atc.esp.br:443] Brute force detected for IP [124.43.5.103], throttle. show less	Port Scan
🇩🇪 abdubhai	2026-05-09 14:44:06 (3 weeks ago)	124.43.5.103 - - [09/May/2026:19 ...	Brute-Force
🇩🇪 4server	2026-05-08 15:33:08 (3 weeks ago)	[FriMay0817:33:05.5761412026][security2:error][pid2187483:tid2187504][client124.43.5.103:0]ModSecuri ... show more [FriMay0817:33:05.5761412026][security2:error][pid2187483:tid2187504][client124.43.5.103:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"atelier-lara.ch\"][uri\"/xmlrpc.php\"][unique_id\"af4CMR0oTF8P_jH9ULX1tQAAAAg\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 WeekendWeb	2026-05-08 12:58:30 (3 weeks ago)	Wordpress Vunerability attack	Web App Attack
🇦🇹 Pingger Shikkoken	2026-05-08 08:18:17 (3 weeks ago)	2026-05-08T08:18:17+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more 2026-05-08T08:18:17+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=124.43.5.103 DST=10.1.1.2 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=193 DF PROTO=TCP SPT=64610 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-05-08T08:18:18+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=124.43.5.103 DST=10.1.1.2 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=194 DF PROTO=TCP SPT=64610 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-05-08T08:18:20+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=124.43.5.103 DST=10.1.1.2 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=195 DF PROTO=TCP SPT=64610 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Hacking Bad Web Bot

Showing 46 to 60 of 169 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 208.77.244.27

🇳🇱 152.55.184.52

🇳🇱 152.55.184.5

🇨🇳 116.233.83.90

🇸🇬 103.134.154.138

🇩🇪 95.90.13.168

🇷🇴 92.118.39.236

🇷🇴 80.94.92.182

🇺🇸 50.255.62.89

🇺🇦 46.200.66.166

🇺🇸 213.254.175.81

🇧🇪 198.235.24.203

🇹🇳 197.1.217.69

🇻🇪 190.120.252.68

🇩🇿 154.241.47.200

🇩🇪 116.203.204.171

🇮🇹 93.92.76.14

🇧🇷 45.178.182.186

🇺🇸 34.16.54.115

🇮🇩 27.112.78.223